infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,138 Commits
7 Branches
556 Tags
419 MiB
Commit Graph

3365 Commits (5bf973871c3beca4788ec655b8ecd5e64af79e55)

Author SHA1 Message Date
James Lee 89e0842b1e Add vim_soap to the mixins list. 
Fixes an issue where a different module load order would result in one
of the vmware modules failing to load be cause vim_soap hadn't been
required yet. Thanks d0rm0us3 for having a weird system and spotting
stuff like this.
 2012-02-20 13:17:45 -07:00
Matt Buck e0a75c1b2c Merge branch 'release/4.2-stable' 
Conflicts:
	lib/msf/core/model/host.rb
 2012-02-19 22:57:22 -06:00
HD Moore c220a80494 Revert "Mark branch as -release (not final, just prep work)" 
This reverts commit b02c368c55.
 2012-02-19 18:52:10 -06:00
HD Moore b02c368c55 Mark branch as -release (not final, just prep work) 2012-02-19 13:47:52 -06:00
David Maloney 6ced540e0b Merge branch 'vmware-api' into vmware-stable 2012-02-18 18:38:20 -06:00
David Maloney 87242f377f trying to resolve conflict for new mixin 2012-02-18 18:38:02 -06:00
David Maloney 36dc0fee50 Better dynamic soap generation for all the vmware stuff 2012-02-18 18:29:46 -06:00
David Maloney a0dac593bc Merge branch 'vmware-api' of github.com:rapid7/metasploit-framework into vmware-api 2012-02-16 02:22:31 -06:00
David Maloney e9b2e060d6 Permissions scanner for vmware 
Fixed the way loot was getting stored to set a propper type
 2012-02-16 02:19:33 -06:00
David Maloney 8d7ddab2af Some minor bug fixes 
Added vm_tag module for 'flag planting'
 2012-02-16 00:45:48 -06:00
David Maloney c5ae56a147 Adding User Enumeration Scanner for vmware 2012-02-15 22:55:11 -06:00
Tod Beardsley 95f54413d8 Create a stable branch of vmware-api 
Just to pick up the soap library and the esx_fingerprint stuff.
 2012-02-15 21:25:56 -06:00
Tod Beardsley bf9ed96155 Fixes up esx_fingerprint and the host model to ID vmware correctly 
Uses the proper host.normalize_os methods to fix up the normalization of
ESX servers.
 2012-02-15 20:31:51 -06:00
David Maloney c9cf47bd4c Add Terminate Session module and some extra goodness to enum sessions 2012-02-15 16:39:13 -06:00
James Lee 038893f72a Don't override the host's os_flavor, either 
See commit:ca0d2d7bc21e100d5471551d9fb65cce39cc064c
 2012-02-15 14:57:06 -07:00
James Lee ca0d2d7bc2 Don't override the host's os_name with "Unknown" 
This prevents modules that provide OS fingerprint details via
report_host from being overridden with inconclusive or missing OS
details from service fingerprints.
 2012-02-15 10:17:26 -07:00
David Maloney 67ba39cc3e Adds a scanner to pull active login sessions off servers 2012-02-15 02:27:25 -06:00
David Maloney e0f11992af Gah screwed up that commit, accidentally chunked out the rescues. 2012-02-15 02:12:06 -06:00
David Maloney 6b539036c9 Fix fingerprinting in the vmware_http_login module 2012-02-15 01:54:34 -06:00
David Maloney e67e9ab34f Adds a power off vm aux module 2012-02-14 20:52:45 -06:00
David Maloney a256a6fb0b Adds a power on vm module 2012-02-14 20:44:11 -06:00
Tod Beardsley 4e55c8b7e4 Fixes Qualys asset importer to pull all refs 
Makes the qualys asset importer behave like the qualys scan importer
when it comes to importing vuln references.
 2012-02-14 11:08:51 -06:00
Tod Beardsley 8c1581567c Cleanup on the vmware fingerprinting. 
Add in some new OS constants and seperate out the fingerprinting
function from the connection function in order to avoid having errors
swallowed by a rescue.
 2012-02-13 16:40:44 -06:00
Tod Beardsley 727cde00c6 Taking David's version of vmware_http_login over mine 2012-02-13 14:54:47 -06:00
David Maloney 8c305e1a28 VMWare Web service finerprinting and OS detection. 
VMWare Screenshot stealer
Improvemenets to the mixin
fix to check method for the login scanner
 2012-02-13 12:05:32 -06:00
David Maloney f4d768ca64 Fix to use the Rex uri_encode method 2012-02-11 14:57:13 -06:00
David Maloney 676a0c53a0 Working Screenshot capability! 2012-02-11 03:51:18 -06:00
HD Moore 6685a65c39 Spend some time type-checking - no exploitable vulns we are aware of, but no reason to leave it to future chance 2012-02-07 17:17:45 -06:00
Patroklos Argyroudis a3af2a1868 Spelling error fix 2012-02-06 16:25:56 +02:00
Patroklos Argyroudis f3345eb2b8 Mac OS X x64 binary template support 2012-02-06 15:58:01 +02:00
sinn3r db1e400dff Merge branch 'master' of github.com:rapid7/metasploit-framework 2012-02-05 01:27:21 -06:00
HD Moore 7524d5e75d Tweak the event dispatcher to enable customer events without a category 
and trigger http request events from the main exploit mixin.
Experimental
 2012-02-04 04:44:50 -06:00
HD Moore 6f54f0637b Dont run ifconfig on windows 2012-02-04 01:18:32 -06:00
David Maloney 668e5f8c52 More fixes to the vim soa[p libs 
Added the SoapAction header as this turns out to be pretty
important for the screenshot task creation method.
 2012-02-03 22:11:21 -06:00
David Maloney df401f4c94 more fixes to backend stuff, plus updated vmware http login module to use 
the correct mixin method now.
 2012-02-03 15:44:41 -06:00
Tod Beardsley 148dddba2f http_fingerprint should use the ssl() function 
Instead of re-declaring ssl as a variable, just use the library's SSL
function, since it's there and it's incidentally more accurate.
 2012-02-03 15:31:20 -06:00
James Lee c0e9825565 Whitespace and a typo 2012-02-03 14:10:17 -07:00
David Maloney b914a97359 Fixes to a bunch of fucntions to work on more complex vmware setups 
VM Enuemration now appears to work against VCenter
 2012-02-03 14:17:35 -06:00
Tod Beardsley af506240cf http_fingerprint reports service info 
Service info once again is reported when http_fingerprint is run against
a target, along with http status codes.
 2012-02-03 12:15:11 -06:00
Tod Beardsley 786d75493c Fix up VMWware webscan to not false positive 
Checks to see if a target is actually vmware based on the provided
cookie, using the http_fingerprint() function from HttpClient.

[Fixes #6340]
 2012-02-02 22:19:57 -06:00
Marcus J. Carey e70f9151e5 Merge remote-tracking branch 'upstream/master' 2012-02-02 07:13:03 -06:00
David Maloney 3f48e626a2 Adding a bunch of new VIM API auxiliary stuff 
Work in progress.
 2012-02-01 12:05:20 -06:00
HD Moore 46d40b89a5 Make sure at least one character is returned 2012-02-01 02:08:26 -06:00
sinn3r 187f630283 Merge branch 'netrc-creds' of https://github.com/jhartftw/metasploit-framework into jhartftw-netrc-creds 2012-01-31 22:45:47 -06:00
Maciej Kotowicz 01d6903c76 fix few mistakes 2012-01-31 22:01:52 +01:00
HD Moore 77c986948c Proper fix for IPv6 postgresql connections 2012-01-31 02:08:02 -06:00
HD Moore a74cf1ee10 Missing argument 2012-01-31 01:49:42 -06:00
HD Moore 52004b1e33 A little more cleanup for IPv6 in HTTP mixins 2012-01-31 01:44:03 -06:00
HD Moore 32f2d6754c Handle ipv6 addresses, choose more obvious 'bad' password for 
fingerprinting
 2012-01-31 00:32:54 -06:00
sinn3r b96beb0680 Correct regex syntax. Also some whitespace fix. 2012-01-30 15:49:06 -06:00
Jon Hart 37d467ea79 Loot .netrc files, generic enum_user_directories 2012-01-29 14:03:57 -08:00
Carlos Perez 5acc0c62d2 Have the the load command also look at the ~/.msf4/plugins folder 2012-01-29 15:03:18 -04:00
sinn3r 41ca655d86 Merge pull request #135 from scriptjunkie/master 
Allow RPC clients to discover supported encoding formats.
 2012-01-28 18:43:05 -08:00
scriptjunkie 086b2e4bf7 Allow RPC clients to discover supported encoding formats. 2012-01-28 15:46:17 -05:00
HD Moore a2d20e25d3 Fix a regression in the workspace inclusion code (only affected 
non-DB-connected instances). Add a PCA UDP scanner
 2012-01-27 12:36:13 -06:00
sinn3r ac582cd0fc Change the error handling message for read_file_meterpreter(), because this one is easier to understand 2012-01-27 02:17:09 -06:00
sinn3r 3f4dbd9df6 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-01-27 01:58:42 -06:00
Stephen Haywood efda420e5f Updates to enum_artifacts 2012-01-26 19:35:39 -05:00
Tod Beardsley 33c53b1f3f Updates vm checking 2012-01-26 13:02:39 -06:00
David Maloney 31f6c4dfff http_fingerprint now reports website isntead of just a service 
fixes #6277
 2012-01-26 11:05:06 -06:00
Maciej Kotowicz 87e7b10b2d `advance` linux x64 payloads 2012-01-26 01:09:35 +01:00
Maciej Kotowicz fe2caf2fe4 `advance` linux x64 payloads 2012-01-26 00:51:06 +01:00
Marcus J. Carey 9b320fa6f3 Update lib/msf/ui/banner.rb 2012-01-24 23:07:38 -06:00
Marcus J. Carey b135446cc6 Update lib/msf/ui/banner.rb 2012-01-24 23:06:24 -06:00
Marcus J. Carey 79ff641f4d adding new comic strip banner logo 2012-01-24 23:01:48 -06:00
scriptjunkie ee2823d23b Compatibility - don't assign LongPtr to Long on x64 2012-01-23 22:17:28 -05:00
Tod Beardsley 31dea3844e Reintroduces chao-mu's OptRegexp 
Revert "Revert "Merge pull request #101 from chao-mu/master""

[See #101]

This reverts commit c5ce575543.
 2012-01-23 14:21:19 -06:00
scriptjunkie c5590a6c40 Add x64 support to VBA in-mem shellcode execution. 2012-01-23 12:43:47 -05:00
scriptjunkie c6f66f6bb4 Add in-memory shellcode execution via VBA macro. 
Keep old embedded exe method as 'vba-exe'.
 2012-01-22 07:23:21 -05:00
scriptjunkie 9d7591467f Fix "failed to generate" error when passing a preferred encoder to "payload.generate" method using RPC from, for example, the GUI on Windows. 
framework.encoders[reqs['Encoder']] returns nil when, for example, reqs['Encoder'] is in UTF-8 encoding and the corresponding key of the framework.encoders hash in US-ASCII encoding.
 2012-01-20 21:06:53 -06:00
sinn3r 955b02e227 Allow 'port' option in module searching (idea originally from Brandon Perry's blog) 2012-01-18 11:19:37 -06:00
Tod Beardsley c5ce575543 Revert "Merge pull request #101 from chao-mu/master" 
Reverting the OptRegexp commit from chao-mu. Before committing to
master, this option type needs to be tested on the various mainstream
UI's (Metasploit Pro, msfgui, and Armitage) to see if they behave
as reasonably as msfconsole. Each UI tends to handle option setting,
passing, and display in their own special way.

This should make it back in by Wednesday, assuming all goes well.

[See #101]

This reverts commit 84db5a21fc, reversing
changes made to 24aaf85a1b.
 2012-01-17 15:33:47 -06:00
Tod Beardsley cfca791480 Version info toggle for git vs svn checkouts 
Version numbers are kind of meaningless in git development branches, but
are reportedly useful for SVN checkouts.

[See #6254]
 2012-01-17 14:35:33 -06:00
Tod Beardsley 84db5a21fc Merge pull request #101 from chao-mu/master 
Created Regexp option type
 2012-01-14 07:25:50 -08:00
Tod Beardsley 4ac6c0c3ee A great big pile of fixes to the ssh scanners 
Not sure how this managed to fall out of master -- some of these fixes
are five days old, and should certianly have been merged in prior to
just now.
 2012-01-13 13:49:21 -06:00
chao-mu b6b49ad672 Merge remote branch 'upstream/master' 2012-01-12 19:40:24 -05:00
chao-mu a8a3d4d2c7 Updatted railgun_reverse_lookups test module to use the new regex options. Corrected spelling mistake in a variable name (my editor ate a p) 2012-01-12 19:39:05 -05:00
sinn3r 02bd1f3407 Merge branch 'master' of https://github.com/averagesecurityguy/metasploit-framework 2012-01-12 17:06:14 -06:00
Stephen Haywood 8d19bca2a9 Added remote digest methods 2012-01-12 12:47:29 -05:00
Tod Beardsley 5f121fe181 Workaround postgresql.fingerprint dlog message 
Came up as a concern, this special-cases notes of
"postgresql.fingerprint". Not thrilled with this fix, though.
 2012-01-11 13:17:21 -06:00
David Maloney ed0dbad243 Fix to MSSQL Ping that returns ALL known isntances onstead of jsut the first one. 
Fixes #6066
 2012-01-10 12:32:47 -08:00
chao-mu b23b7b8a88 Adds support for a regular expression based Option (RegexpOpt). Also introduced a method to OptBase called display_value which returns the value to be displayed to the user. 2012-01-10 09:22:14 -05:00
James Lee 753ddb27c5 Make all the EXE options OptPath 2012-01-10 03:36:47 -07:00
James Lee 1eb4900102 Make EXE::Custom an OptPath so it can be tab'd 2012-01-10 03:25:13 -07:00
Tod Beardsley 9e78eff968 Merge pull request #96 from chao-mu/master 
Updates to Railgun

[Fixes #6128] among other things.
 2012-01-09 06:43:02 -08:00
Tod Beardsley badf62d8e0 Add back in ssh_key_matches?() 2012-01-08 22:45:00 -06:00
Tod Beardsley a1668f2b23 Adds SSHKey gem and some other ssh goodies 
Pubkeys are now stored as loot, and the Cred model has new and exciting
ways to discover which pubkeys match which privkeys.

Squashed commit of the following:

commit 036d2eb61500da7e161f50d348a44fbf615f6e17
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 22:23:32 2012 -0600

    Updates ssh credentials to easily find common keys

    Instead of making the modules do all the work of cross-checking keys,
    this introduces a few new methods to the Cred model to make this more
    universal.

    Also includes the long-overdue workspace() method for credentials.

    So far, nothing actually implements it, but it's nice that it's there
    now.

commit c28430a721fc6272e48329bed902dd5853b4a75a
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 20:10:40 2012 -0600

    Adding back cross-checking for privkeys.

    Needs to test to see if anything depends on order, but should
    be okay to mark up the privkey proof with this as well.

commit dd3563995d4d3c015173e730eebacf471c671b4f
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 16:49:56 2012 -0600

    Add SSHKey gem, convert PEM pubkeys to SSH pubkeys

commit 11fc363ebda7bda2c3ad6d940299bf4cbafac6fd
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 13:51:55 2012 -0600

    Store pubkeys as loot for reuse.

    Yanked cross checking for now, will drop back in before pushing.

commit aad12b31a897db2952999f7be0161df1f59b6000
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sun Jan 8 02:10:12 2012 -0600

    Fixes up a couple typos in ssh_identify_pubkeys

commit 48937728a92b9ae52d0b93cdcd20bb83f15f8803
Author: Tod Beardsley <todb@metasploit.com>
Date:   Sat Jan 7 17:18:33 2012 -0600

    Updates to ssh_identify_pubkeys and friends

    Switches reporting to cred-based rather than note-based, accurately deal
    with DSA keys, adds disable_agent option to other ssh modules, and
    reports successful ssh_login attempts pubkey fingerprints as well.

    This last thing Leads to some double accounting of creds, so I'm not
    super-thrilled, but it sure makes searching for ssh_pubkey types a lot
    easier.... maybe a better solution is to just have a special method for
    the cred model, though.
 2012-01-08 22:28:37 -06:00
chao-mu f7a9518944 In railgun mixin, "error_lookup" has been renamed "lookup_error" and now accepts a filtering regular expression. ::BUILTIN_DLLS instead of .builtin_dlls 2012-01-08 17:18:34 -05:00
chao-mu f9d123a8c8 Merge remote branch 'upstream/master' 2012-01-07 19:06:51 -05:00
James Lee c2406e0e65 Fix whitespace at EOL 2012-01-06 21:13:17 -07:00
James Lee c35c7f5fab Add tab completion for pushm 
[See #6165]
 2012-01-06 21:10:59 -07:00
chao-mu bd52f228a0 Merge remote branch 'upstream/master' 2012-01-06 20:27:53 -05:00
David Maloney 54bca49ef9 Slightly better fix to the digest request header issue 2012-01-05 12:25:32 -08:00
David Maloney e61b4ed65c Fixed issue with send_digest_request_cgi not keeping user supplied headers. 2012-01-05 12:02:21 -08:00
chao-mu 3772f56260 Am making use of platform_util.rb's platform symbols for standardization across railgun. Ideally only platform_util.rb will need to know what platform strings look like and how they are represented in the railgun world. Corrected railgun.rb mixin's pointer_size function. 2012-01-04 22:28:20 -05:00
chao-mu 6db2da1f76 module Rex 
module Post
module Meterpreter
module Extensions
module Stdapi
module Railgun
module Type
module PlatformUtil

	X86_64 = :x86_64
	X86_32 = :x86_32

	def self.parse_client_platform(meterp_client_platform)
		meterp_client_platform =~ /win64/ ? X86_64 : X86_32
	end

end # PlatformUtil
end # Type
end # Railgun
end # Stdapi
end # Extensions
end # Meterpreter
end # Post
end # Rex
 2012-01-04 22:11:09 -05:00
chao-mu d46379dda2 Merge remote branch 'upstream/master' 2012-01-04 19:32:06 -05:00
Tod Beardsley 164c80d496 Adding a comment doc to the shadowcopy lib. 
Citing Tim Tomes and Mark Baggett
 2012-01-04 12:03:13 -06:00
chao-mu b9b5b1e66f Merge remote branch 'upstream/master' 2012-01-02 20:07:50 -05:00
David Maloney dd0b07b2cc Adds mixin and post modules to manipulate Volume shadowcopy Service(VSS) 2011-12-30 15:03:04 -08:00
Joshua Smith 29b6d0d1e3 Adds previous, pushm, popm to msfconsole 
Adds the ability to set and use a stack of modules, and to easily switch
between the last two modules used.

[Fixes #6165][Closes #84]
Squashed commit of the following:

commit e41e7f704888b1ce5ad5f23caeee1de13052e3d5
Author: Joshua Smith <kernelsmith@kernelsmith.com>
Date:   Mon Dec 26 15:52:08 2011 -0500

    pushm/popm working great, let me know if you find bugs

commit 23da8d56ea08ca196e649431e8188b4f29ba97b9
Author: Joshua Smith <kernelsmith@kernelsmith.com>
Date:   Mon Dec 26 14:37:18 2011 -0500

    Adds the 'previous' command to msfconsole which will load the previously active module as the currently active module, adds @previous_module as a class variable
 2011-12-30 15:30:55 -06:00
andurin 898df592be Fix2 rpc exception handling 
HD suggested a small tweak to use error_code OR res.code for the raise
 2011-12-30 07:05:26 +01:00
andurin 7b4de2380f Small fix: RPC client exception handling 
IMHO rpc client should transform the error code from Msf::RPC::Exception
into it's own Msf::RPC::ServerException and should not take the msgpack
response code.

In deep:
I ran into a '401 invalid auth token' after a token timeout (300s).
RPC Daemon raised a 401 - invalid auth token as expected but rpc client
transformed it to a '200 - invalid auth token' using the successful http
transaction to transport the exception.
 2011-12-30 05:44:26 +01:00
Tod Beardsley bc22b7de99 MSFConsole should display hostless loot, also typo fix. 
Fixes the console to display loot not associated with a host, as when
the CorpWatch modules save loot. Also fixes a typo on
corpwatch_lookup_id.rb

Fixes #6177
 2011-12-29 15:11:15 -06:00
Tod Beardsley 78da15ed15 Always check for the current workspace when calling Report#myworkspace(). 
Fixes #6175
 2011-12-29 13:48:05 -06:00
chao-mu ebe461cce7 Merge branch 'master' of git://github.com/rapid7/metasploit-framework 2011-12-28 20:14:01 -05:00
David Maloney 3bb2b5b7fd Fixed typo in validation routine 2011-12-28 09:40:36 -08:00
David Maloney 9e1e87508f Fix to boundary validation for when no db is present 
Fixes #6171
 2011-12-28 08:47:22 -08:00
chao-mu 5560c6b17e Moved and adapted code relating to looking up constant names by constant value 2011-12-28 00:40:08 -05:00
chao-mu ffcf5af9b0 Merge remote branch 'upstream/master' 2011-12-27 22:06:51 -05:00
David Maloney 9b995bc0a5 Adds boundary validation to the framework 
enforces boudnary checking on netbios probes
 2011-12-27 11:33:52 -08:00
chao-mu 1604162ba3 A place to add railgun convenience code for use in modules 2011-12-24 15:59:46 -05:00
Tod Beardsley b6d56e8410 Fixes VBS executable creator util 
Fixes #6152, using booleans instead of ints.

Tip o' the hat to cloder for the MSDN ref:
http://msdn.microsoft.com/en-us/library/aa265018%28v=vs.60%29.aspx

Tested works on winxp and win7 targets via the persistence meterpreter
script.
 2011-12-22 13:13:34 -06:00
Joshua Smith 5166bdcb01 initial, working resource file tab completion, completes from <install_dir>/scripts/resource, see redmine no. 4611 2011-12-15 17:27:52 -05:00
Jonathan Cran 6165b7a1eb This commit adds a junit_success method, which can be called to 
generate a test case success xml. This is necessary for the parser to
recognize that tests were indeed run.
 2011-12-13 21:13:31 -06:00
HD Moore cb94b92e9c What in nine hells was this. 2011-12-13 16:04:25 -06:00
HD Moore f38a794b1c Convert ` to ' 2011-12-13 16:02:23 -06:00
HD Moore cfa128a2c8 Show the actual module name in the stack trace (instead of eval) 2011-12-13 09:47:37 -06:00
HD Moore 1d244c4b27 Return the URL in the correct format from the model 2011-12-11 13:50:21 -06:00
HD Moore 17cc89ebad Add IPv6 specific HTTP(S) handlers and payloads (simplifies 
options/usage)
 2011-12-11 13:26:48 -06:00
HD Moore 8e01312d0f Formatting 2011-12-10 13:27:47 -06:00
HD Moore e33ca5a7ba Small typo fix 2011-12-10 13:26:47 -06:00
HD Moore e46745b761 Add support for link-local scopes 2011-12-10 13:24:58 -06:00
HD Moore 9c887eb457 Fix displayed host name for IPv6 targets 2011-12-10 13:24:58 -06:00
HD Moore e3f121929c Accept IPv6 addresses in the return if getaddress 2011-12-10 13:24:58 -06:00
David Maloney d939e33f1e Allows for Loot and Tasks to be imported from an MSF ZIP. 
This should bring any loots and tasks along with
everything else when doing an improt from an MSF ZIP file.
 2011-12-05 22:30:34 -05:00
HD Moore 18e9b99e72 Fix permission (octal not decimal) 2011-12-05 16:49:16 -06:00
HD Moore 4748bf70cd Use octal mode, duh 2011-12-05 13:07:36 -06:00
HD Moore 89caed444b Add a helper method for modules to indicate IPv6 compatibility 2011-12-05 13:07:36 -06:00
HD Moore 5362e0cd24 Accept IPv6 addresses into the database routines, start flushing out 
incompatibilities.
 2011-12-05 13:07:36 -06:00
HD Moore 4829968107 Purge the old RPC API 2011-12-05 13:07:25 -06:00
HD Moore f673b02308 Remove references to address6 2011-12-05 13:07:25 -06:00
HD Moore 27974c4c27 Merge branch 'master' of github.com:rapid7/metasploit-framework into fastlib 
Conflicts:
	modules/auxiliary/scanner/http/axis_login.rb
	modules/exploits/multi/http/axis2_deployer.rb
	modules/post/multi/gather/thunderbird_creds.rb
	modules/post/windows/gather/credentials/imvu.rb
	msfopcode
 2011-12-03 14:07:09 -06:00
David Maloney 1db9177583 Revert "Merge pull request #22 from scriptjunkie/multithread" 
This reverts commit 4f76f3bbb8, reversing
changes made to e72dad4e81.
 2011-12-02 13:35:43 -05:00
HD Moore 424901b4b6 Change the encapsulation method to allow multiple methods without 
conflict
 2011-12-02 02:02:55 -06:00
HD Moore 4f76f3bbb8 Merge pull request #22 from scriptjunkie/multithread 
RPC multithreading
 2011-12-01 23:43:32 -08:00
HD Moore 626389f5ba No longer track module archive paths, since the manager will load them from the main dir 2011-11-28 22:27:21 -06:00
HD Moore 591ef73f7d Merge in updated module_manager that loads all .fastlibs 2011-11-28 22:24:27 -06:00
Tod Beardsley ac33e55df5 Allow hyphens for fnames and ltypes for fileformat exploits 2011-11-28 19:16:30 -06:00
Tod Beardsley 44a47f9913 Fixing up OWA bruteforce module to conform with the usual print_status 
messages.
 2011-11-28 13:31:54 -06:00
David Maloney d8cd16eb65 Typo in report_auth_info 
that caused snmp creds to fail reporting.
fixes #6015
 2011-11-26 17:57:46 -08:00
HD Moore f714591b92 Purge the new version code, it triggers a stack and is a massive performance hit 2011-11-23 23:05:51 -06:00
Tod Beardsley 8ab41013d1 Updating the version information to check the SVN metadata first. 2011-11-23 23:05:51 -06:00
HD Moore 4285651455 Purge the new version code, it triggers a stack and is a massive performance hit 2011-11-23 14:32:38 -06:00
Tod Beardsley 94edf3a8ec Updating the version information to check the SVN metadata first. 2011-11-22 18:33:44 -06:00
David Maloney c4db49cccc Fixes issues with telnet bruteforcing where prompts were not 
being recognized properly.
 2011-11-22 00:06:58 -06:00
David Maloney 7d626e3ad1 Fixes issues with telnet bruteforcing where prompts were not 
being recognized properly.
 2011-11-21 14:07:30 -08:00
HD Moore 7059e20315 Add support for .fastlib module archives to the module manager 2011-11-21 15:58:19 -06:00
James Lee bf105f48cb massive removal of spaces at EOL and some bad tabs 2011-11-20 12:32:06 +11:00
James Lee 9261d8ec25 spaces at EOL in base 2011-11-20 12:11:40 +11:00
James Lee e7a545c483 spaces at EOL in core stuff 2011-11-20 12:10:08 +11:00
James Lee 79c2264263 more spaces at EOL and bad tabs 2011-11-20 12:05:14 +11:00
James Lee aeeed02eee more spaces at EOL 2011-11-20 12:01:19 +11:00
James Lee 441c5a22ab more spaces at EOL 2011-11-20 12:00:07 +11:00
James Lee 4ac21afcbc more spaces at EOL 2011-11-20 11:59:28 +11:00
Tod Beardsley 55367fad4f Merge pull request #25 from rapid7/post_module_sudo 
Post module sudo
 2011-11-18 06:30:40 -08:00
Tod Beardsley d8b77564ef Tidying up, fixing csh echo behavior 2011-11-17 16:29:02 -06:00
Tod Beardsley 9878517f80 Cleanup and light refactoring, deal with slowpoke linux telnet cmd_exec() 2011-11-17 13:19:13 -06:00
scriptjunkie c4eb32d2ff Add an optional multithreading to stream server, and enable multithreading (one thread per client) to the RPC server. 2011-11-17 08:07:34 -08:00
Tod Beardsley 93a133d5de Always try both export and setenv. Fixups to allow for correct reading from echoy nix shells. Fixes is_root? to not treat an empty string as 0 2011-11-16 16:48:19 -06:00
Wesley Cate b923d952b3 module.execute() now returns a 'uuid' element which can be cross-referenced with the 'exploit_uuid' element returned in each entry in session.list. 
this was hdm's preferred solution.
 2011-11-15 18:36:45 -05:00
David Maloney 6306f8888a Fix to the username normalisation routine to deal with creds that 
have no username (i.e. VNC)
 2011-11-15 08:52:18 -08:00
David Maloney c8142043e9 Fixes to credential handling to downcase usernames whenever they are not case sensitive. 
Also report_auth_info now checks to see if a non-case sensitive version of the cred
may already exist.
 2011-11-14 22:50:52 -08:00
andurin 97f62d955f Fixed very small typo 2011-11-14 11:19:16 +01:00
James Lee 16f0d6cbee Fix a misplaced comma in a comment 2011-11-14 16:06:45 +11:00
James Lee 8ac4479b13 Use railgun for deleting services. 
The registry method will make Windows to delete it on reboot, but this
causes it to happen right away.
 2011-11-13 21:05:40 -07:00
HD Moore 7757a2df63 Make sure we wait at least half a second for a 401 reply 2011-11-13 12:54:48 -06:00
HD Moore 69fb9aa5b1 Make brute forcing of the XMLRPC/MSGPACKRPC services less rewarding through random delays. 2011-11-13 12:45:48 -06:00
James Lee 69cd56ed42 Merge branch 'master' of github-r7:rapid7/metasploit-framework 2011-11-12 15:15:38 -07:00
James Lee f7ff350ebb doesn't work without backslashes 2011-11-12 15:15:09 -07:00
James Lee 07e170f4e4 Add a server argument to the service management methods. Allows 
creating/starting/stopping services on another machine using the current
session's token for authentication.
 2011-11-12 14:40:15 -07:00
HD Moore f4e42420ad Small change to abstract the actual source read 2011-11-12 14:48:11 -06:00
David Maloney 4eb80b5ee4 Merge branch 'master' of github.com:rapid7/metasploit-framework 2011-11-11 17:20:47 -08:00
David Maloney e3f6756e18 Quick fix to import to prevent services from being imported without a port. 2011-11-11 17:19:26 -08:00
James Lee 03f51793c2 Store john.pot in the user's config directory instead of in an 
arch-specific dir under data/
 2011-11-11 11:09:42 -07:00
Tod Beardsley 40614a3cf4 Merge branch 'iss5454' 2011-11-11 11:26:05 -06:00
Tom Samstag 7b7413d85e Bash format for msfencode/msfvenom 
This patch adds a Bash output format for msfencode and msfvenom. This is especially useful for local exploitation with shellcode in an environment variable.
Example output:

$ echo 'this is a test' | ./msfvenom -f bash
[-] Using X86 architecture and Windows platform for stdin payload to change use -a and --platform
export buf=\
$'\x74\x68\x69\x73\x20\x69\x73\x20\x61\x20\x74\x65\x73\x74'\
$'\x0a'

It adds unit tests for the new format and also fixes a unit test that was broken (assert_equal 'AAAAAAAAA', Rex::Text.pattern_create(9,['A'])) due to a bug in the shortcut in pattern_create.
 2011-11-11 00:13:17 -08:00
David Maloney a4d67f26c5 Merge branch 'iss5426' 2011-11-10 19:00:52 -08:00
David Maloney e82c3ad486 Fixes #5426 2011-11-10 18:59:30 -08:00
HD Moore c30f328560 Purge code deprecated in the 4.1.0 release 2011-11-10 20:16:14 -06:00
HD Moore 6cf59fc695 Small tweak to test mirroring 2011-11-09 22:45:49 -06:00
HD Moore 818ece916f Add missing commit 2011-11-09 21:40:02 -06:00
Jonathan Cran 7885699ab1 rename the attribute to classname so parser doesn't barf 
git-svn-id: file:///home/svn/framework3/trunk@14204 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 22:21:39 +00:00
HD Moore 2c47475aee This adds the ability for RC scripts to generate junit/xunit style XML output files for error conditions 
git-svn-id: file:///home/svn/framework3/trunk@14203 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 21:32:48 +00:00
HD Moore 80652126b0 This change automatically sets +x permissions for cpuinfo and jtr if the install did not set them. 
git-svn-id: file:///home/svn/framework3/trunk@14202 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 16:44:07 +00:00
HD Moore c504d295b2 Rescue EOFErrors by default as well (handle corner cases across a swath of modules) 
git-svn-id: file:///home/svn/framework3/trunk@14200 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-09 06:10:10 +00:00
Matt Weeks fdf13e5e0e Fixes #5927 
git-svn-id: file:///home/svn/framework3/trunk@14196 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-08 21:45:17 +00:00
Matt Weeks 4629c0867b Address #5887 and #5888 for RPC DB and msfgui 
git-svn-id: file:///home/svn/framework3/trunk@14167 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-05 18:12:10 +00:00
HD Moore cd3c3daae1 Allow SkipDatabaseInit to be passed to new consoles to skip over DB initialization. Combined with r14161 this fixes #5902 by allowing this option to be passed down 
git-svn-id: file:///home/svn/framework3/trunk@14164 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-04 22:25:09 +00:00
HD Moore d7199d243d This tweak allows a hash of options to be passed to console.create() and for this to bubble up to the WebConsole driver initialization 
git-svn-id: file:///home/svn/framework3/trunk@14161 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-04 20:38:12 +00:00
David Maloney 131ffe4ab2 Fixed inconsistencies in how data was being passed to report_auth_info(). The command dispatcher and filezilla 
server cred module both used the accessor :ptype but report_auth_info looks for :type. 

While ptype is what the db field is called, almsot everything else references :type so it is better
for consistency to keep everything at :type.

Fixes #5906



git-svn-id: file:///home/svn/framework3/trunk@14141 4d416f70-5f16-0410-b530-b9f4589650da
 2011-11-02 02:47:28 +00:00
Tod Beardsley 2a6b002054 Fixes #5338. Note that defined methods are always shared across bindings, no matter what. This patch allows for local variables and other locally-scoped things to behave the same way. 
git-svn-id: file:///home/svn/framework3/trunk@14126 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 17:48:03 +00:00
Tod Beardsley 667175c650 Fixes #5797, adds an environment variable controlled top level directory for msf config goodies. Thanks Kurt Grutzmacher! 
git-svn-id: file:///home/svn/framework3/trunk@14125 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-31 16:53:45 +00:00
HD Moore a4de179793 Bump versioning 
git-svn-id: file:///home/svn/framework3/trunk@14121 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-30 05:09:20 +00:00
HD Moore e4695b21ec Correct the use of auth.logout and make some other items more consistent 
git-svn-id: file:///home/svn/framework3/trunk@14105 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-28 22:47:26 +00:00
Carlos Perez 0fb9aad89e Typo 
git-svn-id: file:///home/svn/framework3/trunk@14096 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-28 13:34:05 +00:00
Tod Beardsley 4b4ef45e33 Fixes #3538, adds store_local, changes the dest directory of all fileformat exploits, allows "save" to be passed to db_nmap to save scan results. 
git-svn-id: file:///home/svn/framework3/trunk@14091 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-27 17:01:51 +00:00
HD Moore 993a56421e Version bumpwq 
git-svn-id: file:///home/svn/framework3/trunk@14072 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-26 09:12:44 +00:00
James Lee 5ce859d3ad add tab completion to 'route remove'. this has bugged me for years. 
git-svn-id: file:///home/svn/framework3/trunk@14065 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 16:54:21 +00:00
James Lee d218852f0a allow 'route del' as a synonym for 'route remove' since i can never remember to do it right; fix a bug with improper usage for cmd_route; add Prompt* to the list of known global options 
git-svn-id: file:///home/svn/framework3/trunk@14063 4d416f70-5f16-0410-b530-b9f4589650da
 2011-10-25 16:31:35 +00:00